CVE-2022-49418
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-49418
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49418.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-49418
- Downstream
- Related
- Published
- 2025-02-26T02:12:43Z
- Modified
- 2025-10-21T09:58:44.377663Z
- Summary
- NFSv4: Fix free of uninitialized nfs4_label on referral lookup.
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
NFSv4: Fix free of uninitialized nfs4_label on referral lookup.
Send along the already-allocated fattr along with nfs4fslocations, and drop the memcpy of fattr. We end up growing two more allocations, but this fixes up a crash as:
PID: 790 TASK: ffff88811b43c000 CPU: 0 COMMAND: "ls" #0 [ffffc90000857920] panic at ffffffff81b9bfde #1 [ffffc900008579c0] dotrap at ffffffff81023a9b #2 [ffffc90000857a10] doerrortrap at ffffffff81023b78 #3 [ffffc90000857a58] excstacksegment at ffffffff81be1f45 #4 [ffffc90000857a80] asmexcstacksegment at ffffffff81c009de #5 [ffffc90000857b08] nfslookup at ffffffffa0302322 [nfs] #6 [ffffc90000857b70] _lookupslow at ffffffff813a4a5f #7 [ffffc90000857c60] walkcomponent at ffffffff813a86c4 #8 [ffffc90000857cb8] pathlookupat at ffffffff813a9553 #9 [ffffc90000857cf0] filenamelookup at ffffffff813ab86b
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced9558a007dbc383d48e7f5a123d0b5ff656c71068Fixed6015292653d95ba9f72906e2b65e536aa5807d64
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced9558a007dbc383d48e7f5a123d0b5ff656c71068Fixedc3ed222745d9ad7b69299b349a64ba533c64a34f
Affected versions
v5.*
v5.15
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.18.1
v5.18.2
Database specific
vanir_signatures
[
{
"id": "CVE-2022-49418-04a9c5a5",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c3ed222745d9ad7b69299b349a64ba533c64a34f",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 986.0,
"function_hash": "184578179714171336157058189536305757260"
},
"target": {
"function": "_nfs4_proc_fs_locations",
"file": "fs/nfs/nfs4proc.c"
}
},
{
"id": "CVE-2022-49418-09ee5466",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6015292653d95ba9f72906e2b65e536aa5807d64",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 831.0,
"function_hash": "141032616884427494087841760606559863335"
},
"target": {
"function": "nfs4_get_referral",
"file": "fs/nfs/nfs4proc.c"
}
},
{
"id": "CVE-2022-49418-14dc53f9",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c3ed222745d9ad7b69299b349a64ba533c64a34f",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 1126.0,
"function_hash": "74797141170991281447603219998807840740"
},
"target": {
"function": "_nfs41_proc_get_locations",
"file": "fs/nfs/nfs4proc.c"
}
},
{
"id": "CVE-2022-49418-2cb12d35",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c3ed222745d9ad7b69299b349a64ba533c64a34f",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 785.0,
"function_hash": "144818461191316095367694480426054836087"
},
"target": {
"function": "nfs4_xdr_dec_fs_locations",
"file": "fs/nfs/nfs4xdr.c"
}
},
{
"id": "CVE-2022-49418-3d6a141a",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c3ed222745d9ad7b69299b349a64ba533c64a34f",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 831.0,
"function_hash": "141032616884427494087841760606559863335"
},
"target": {
"function": "nfs4_get_referral",
"file": "fs/nfs/nfs4proc.c"
}
},
{
"id": "CVE-2022-49418-42eded5d",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6015292653d95ba9f72906e2b65e536aa5807d64",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 780.0,
"function_hash": "279111582415622060753254104150199784693"
},
"target": {
"function": "nfs_do_refmount",
"file": "fs/nfs/nfs4namespace.c"
}
},
{
"id": "CVE-2022-49418-578d82f0",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6015292653d95ba9f72906e2b65e536aa5807d64",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 1468.0,
"function_hash": "308007414620869925850872771346022437326"
},
"target": {
"function": "nfs4_try_migration",
"file": "fs/nfs/nfs4state.c"
}
},
{
"id": "CVE-2022-49418-609f6998",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6015292653d95ba9f72906e2b65e536aa5807d64",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 785.0,
"function_hash": "144818461191316095367694480426054836087"
},
"target": {
"function": "nfs4_xdr_dec_fs_locations",
"file": "fs/nfs/nfs4xdr.c"
}
},
{
"id": "CVE-2022-49418-782e3f6a",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c3ed222745d9ad7b69299b349a64ba533c64a34f",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"287112740657807023904103101585740147961",
"92076234177639242339781196219945396758",
"60849326833119061956698350347707256682",
"151546765796915665226157161621911670148",
"300891291228817116859740601490238105864",
"33329418125520516590592907248880352381",
"14958037470141591018970767614066341790",
"272817344153529007207954408208658891171",
"310819429943320952239319100945506094308",
"294684481793005074418825898650724703588",
"284852767568939866208404758986813844484",
"135048408280236198033297538181704054875",
"178232548585010373670530362802723727332"
]
},
"target": {
"file": "fs/nfs/nfs4namespace.c"
}
},
{
"id": "CVE-2022-49418-8017dc27",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6015292653d95ba9f72906e2b65e536aa5807d64",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"101210455665832683191657956459763141576",
"259136458363998573972171732364014630639",
"128040958933438836104204809006261606408",
"142848482804616427808564520290832168146"
]
},
"target": {
"file": "include/linux/nfs_xdr.h"
}
},
{
"id": "CVE-2022-49418-82dcec9b",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c3ed222745d9ad7b69299b349a64ba533c64a34f",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"235578307073298090151763670417358315697",
"297709304754115789574006317487471356993",
"258866936204005816175651445435903635803",
"205623923022014821714294467832754965277",
"228007573809947245533311007651493394611",
"290483836632124812624078789962525173639",
"304694327035004036191183015223802465635",
"118615087621817044448789016706754134171",
"194827547076281610664993474838464611944",
"165476405925288820781662296814020459550",
"324688845438339641293582853106238515101",
"108711201338959355436890414255209117205"
]
},
"target": {
"file": "fs/nfs/nfs4state.c"
}
},
{
"id": "CVE-2022-49418-86d3c3d3",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6015292653d95ba9f72906e2b65e536aa5807d64",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 926.0,
"function_hash": "118966971773073861072885337866217928671"
},
"target": {
"function": "_nfs40_proc_get_locations",
"file": "fs/nfs/nfs4proc.c"
}
},
{
"id": "CVE-2022-49418-92fe95ca",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c3ed222745d9ad7b69299b349a64ba533c64a34f",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 1468.0,
"function_hash": "308007414620869925850872771346022437326"
},
"target": {
"function": "nfs4_try_migration",
"file": "fs/nfs/nfs4state.c"
}
},
{
"id": "CVE-2022-49418-97905942",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6015292653d95ba9f72906e2b65e536aa5807d64",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 986.0,
"function_hash": "184578179714171336157058189536305757260"
},
"target": {
"function": "_nfs4_proc_fs_locations",
"file": "fs/nfs/nfs4proc.c"
}
},
{
"id": "CVE-2022-49418-adabd332",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6015292653d95ba9f72906e2b65e536aa5807d64",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 1126.0,
"function_hash": "74797141170991281447603219998807840740"
},
"target": {
"function": "_nfs41_proc_get_locations",
"file": "fs/nfs/nfs4proc.c"
}
},
{
"id": "CVE-2022-49418-b737672d",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6015292653d95ba9f72906e2b65e536aa5807d64",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"155634420813075031881242186246612173565",
"282127141477098464625694973563221965415",
"70124267545722427983584855206130352615",
"303384364317445284826951654703909572458",
"328554684083623668536721531471652594816",
"282127141477098464625694973563221965415",
"70124267545722427983584855206130352615",
"128054070112287213678976536357598389946"
]
},
"target": {
"file": "fs/nfs/nfs4xdr.c"
}
},
{
"id": "CVE-2022-49418-c67716a8",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6015292653d95ba9f72906e2b65e536aa5807d64",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"117084116670229382730122276530126856395",
"116558634851279488075806567429207837258",
"42409546474535791233555164774548177818",
"113390363226342039750858767057890346082",
"142418103719104465964468462779210366247",
"188788094268372630875716281400573588284",
"177121051833827227136927978058133119206",
"269860824426662788077881101740106401079",
"72014713235022597437183093040511893077",
"152895971899377847326386009853028439897",
"222597467977294951828318741486036591996",
"34662036231615591993118375770279227970",
"122242641703624990302520540694945208015",
"113455626232392526545612901823045177277",
"324677236320632337974799845998264069625",
"287257096208327373499904002238273556296",
"292326431870281833739592269187778524474",
"130564201155693192556053155030252633747",
"174934215160269620288049443391256802532",
"253267550542776111191659593550172932070",
"243276564824940847908268044159313024746",
"23931924192152434765948355844781851532",
"62796242045926843072021755892036893768",
"162420502245603246404869788119264330487",
"243276564824940847908268044159313024746",
"23931924192152434765948355844781851532"
]
},
"target": {
"file": "fs/nfs/nfs4proc.c"
}
},
{
"id": "CVE-2022-49418-c7dfe586",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c3ed222745d9ad7b69299b349a64ba533c64a34f",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 926.0,
"function_hash": "118966971773073861072885337866217928671"
},
"target": {
"function": "_nfs40_proc_get_locations",
"file": "fs/nfs/nfs4proc.c"
}
},
{
"id": "CVE-2022-49418-cb474b14",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c3ed222745d9ad7b69299b349a64ba533c64a34f",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"155634420813075031881242186246612173565",
"282127141477098464625694973563221965415",
"70124267545722427983584855206130352615",
"303384364317445284826951654703909572458",
"328554684083623668536721531471652594816",
"282127141477098464625694973563221965415",
"70124267545722427983584855206130352615",
"128054070112287213678976536357598389946"
]
},
"target": {
"file": "fs/nfs/nfs4xdr.c"
}
},
{
"id": "CVE-2022-49418-ceec66c9",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6015292653d95ba9f72906e2b65e536aa5807d64",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"235578307073298090151763670417358315697",
"297709304754115789574006317487471356993",
"258866936204005816175651445435903635803",
"205623923022014821714294467832754965277",
"228007573809947245533311007651493394611",
"290483836632124812624078789962525173639",
"304694327035004036191183015223802465635",
"118615087621817044448789016706754134171",
"194827547076281610664993474838464611944",
"165476405925288820781662296814020459550",
"324688845438339641293582853106238515101",
"108711201338959355436890414255209117205"
]
},
"target": {
"file": "fs/nfs/nfs4state.c"
}
},
{
"id": "CVE-2022-49418-d1fc435d",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6015292653d95ba9f72906e2b65e536aa5807d64",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"287112740657807023904103101585740147961",
"92076234177639242339781196219945396758",
"60849326833119061956698350347707256682",
"151546765796915665226157161621911670148",
"300891291228817116859740601490238105864",
"33329418125520516590592907248880352381",
"14958037470141591018970767614066341790",
"272817344153529007207954408208658891171",
"310819429943320952239319100945506094308",
"294684481793005074418825898650724703588",
"284852767568939866208404758986813844484",
"135048408280236198033297538181704054875",
"178232548585010373670530362802723727332"
]
},
"target": {
"file": "fs/nfs/nfs4namespace.c"
}
},
{
"id": "CVE-2022-49418-e8f93bc1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c3ed222745d9ad7b69299b349a64ba533c64a34f",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"101210455665832683191657956459763141576",
"259136458363998573972171732364014630639",
"128040958933438836104204809006261606408",
"142848482804616427808564520290832168146"
]
},
"target": {
"file": "include/linux/nfs_xdr.h"
}
},
{
"id": "CVE-2022-49418-ee66e83f",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c3ed222745d9ad7b69299b349a64ba533c64a34f",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 780.0,
"function_hash": "279111582415622060753254104150199784693"
},
"target": {
"function": "nfs_do_refmount",
"file": "fs/nfs/nfs4namespace.c"
}
},
{
"id": "CVE-2022-49418-f265d60d",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c3ed222745d9ad7b69299b349a64ba533c64a34f",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"117084116670229382730122276530126856395",
"116558634851279488075806567429207837258",
"42409546474535791233555164774548177818",
"113390363226342039750858767057890346082",
"142418103719104465964468462779210366247",
"188788094268372630875716281400573588284",
"177121051833827227136927978058133119206",
"269860824426662788077881101740106401079",
"72014713235022597437183093040511893077",
"152895971899377847326386009853028439897",
"222597467977294951828318741486036591996",
"34662036231615591993118375770279227970",
"122242641703624990302520540694945208015",
"113455626232392526545612901823045177277",
"324677236320632337974799845998264069625",
"287257096208327373499904002238273556296",
"292326431870281833739592269187778524474",
"130564201155693192556053155030252633747",
"174934215160269620288049443391256802532",
"253267550542776111191659593550172932070",
"243276564824940847908268044159313024746",
"23931924192152434765948355844781851532",
"62796242045926843072021755892036893768",
"162420502245603246404869788119264330487",
"243276564824940847908268044159313024746",
"23931924192152434765948355844781851532"
]
},
"target": {
"file": "fs/nfs/nfs4proc.c"
}
}
]